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BIOS 



Either decryption key or other 
number that identifies BIOS is 
used to decrypt table 



Encrypt table again 



AUTHENTICATION SOFTWARE 



Collect data: A) fixed 
component, B) Variable 
component, C) System trace 
component and optionally D) 
PIN-code 



6 6 Perform hashing, bit 
string results. Bit string is 
translated into pointers. 





Gather data, from table using 
pointers 



Collect System Trace data 
component and Variable data 
component and add digital 
signature. Hand over to Third 
Party Application 



FIG. 6 



6/7 



(Third Party) Application 



Receive request for digital 
file 



Request BIOS if Authentication 
Software is installed and 
running . 



86 



Start transaction by handing 
over transaction ID 



Store digital sign together 
with variable data components 
and any identifying data, e.g. 
IP-number. 



BIOS 




AUTHENTICATION SOFTWARE 



84 



z. 



Confirm or deny (in case of 
denial : Application reroutes 
BIOS to TTP cf. cell 24 (Fig. 

2) 



88 




Generate a digital signature cf. Fig. 6 



L 



Embed digital signature in the 
requested digital file. 



Transfer digital file to 
requesting application. 
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92 



.94 



FIG. 7 



Digitally Signed 
Application 



AUTHENTICATION SOFTWARE 



Started 



Request BIOS to regenerate 
digital signature 



Transfer digital signature and 
data components originally 
used to generate embedded 
digital signature 
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106 

/ 



Regenerate a digital signature cf. Fig. 6 



Compare embedded and 
regenerated digital signatures 



.108 



Upon verification of the 
digital signature, the 
application starts. 



.110 



FIG. 8 
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On-line Application 



AUTHENTICATION SOFTWARE 



Receive request for 
transaction 



120 



126 



Request BIOS if Authentication 
Software is installed and 
running 








Confirm or deny (in case of 
denial: Application reroutes 
BIOS to TTP cf. cell 24 (Fig. 
2) 


Start transaction by handing 
over an transaction ID 





,124 



128 

L 







Generate a digital sign cf . Fig. 6 


Complete transaction when 
receiving the digital 
signature . 
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FIG. 9 



User application 



Access digital data 




AUTHENTICATION SOFTWARE 



Authentication software 
started 



.222 



Decrypt first encryption layer 



Collect data and generate 
decryption key 



Decrypt second encryption 
layer using decryption key 



T 



Provide data to user 
application 
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Use provided digital data 



FIG. 10 



